We use cookies and similar technologies to recognize your repeat visits and preferences, to measure
the effectiveness of campaigns, and improve our websites. For settings and more information about
cookies, view our Cookie Policy. By clicking “I accept”
on this banner or using our site, you consent to the use of cookies.

I ACCEPT

Setting up Firewall Application Rules in Avast Antivirus

Firewall included in Avast Internet Security and Avast Premier creates rules each time an application or process starts for the first time. These rules determine how Firewall behaves toward each application or process when it connects to the internet or to another network. Although advanced users can manage these rules or create new ones, we recommend you only modify your Application Rules if absolutely necessary. For most use cases, Firewall formulates optimal rules without your input.

Create a new application rule

Default rules are created automatically for software applications from known and trusted sources the first time you start the application when Avast Premier or Avast Internet Security installed. Application Rules are organized into groups. Predefined groups correspond with application vendors. To add an application to an existing group, follow these steps:

Set actions for unauthorized connections

In addition to defining the types of connections you authorize for applications or processes, you can also specify how Firewall behaves when it detects a non-authorized connection. For example, how Firewall manages an incoming connection from the internet for an application with its Allowed connections set to Internet out.

Click a group (or vendor name), then click the arrow next to the name of an application or process in the Application column to manage this setting. The following behaviors are available:

Default rule: Firewall decides to allow or block connections based on the settings of the active Firewall Network profile (Private or Public).

Ask: Firewall asks you to decide if you want to allow or block a connection each time a new request is received. Selecting this option may result in frequent and potentially annoying alerts.

The Network profiles control the settings which determine how strictly Firewall protects your PC.

Private: a lower level of security suitable for when your PC is connected to a trusted network such as your home or work network. This profile enables better connectivity, and permits all communication within the network.

Public: a higher level of security suitable for when your PC is connected to a public network such as in a cafe or airport. Because public networks present greater security risks, no incoming communication is permitted when this profile is set.

Specify authorized ports

Further, tighten rule restrictions by specifying the network ports each application uses for communication when an incoming or ongoing connection is allowed. Follow these steps:

Click a group (or vendor name) to open the list of applications or processes in that group.

Click the arrow next to the name of an application or process in the Application column to expand its individual communication settings.

Specify the ports you authorize the application or process to communicate with (for incoming or outgoing communication depending on the defined access restrictions):

Type specific port numbers into the text box. For multiple ports, separate each port number with a comma.

Select All from the drop-down menu to authorize communication with all ports.

Select a predefined port number from the drop-down menu.

Optionally, click Packet rules to manage these settings according to a connection type. Packet rules enable you to view and manage Firewall rules that control whether network traffic is allowed or blocked according to the information contained in network packets. This information may include network protocols, source or destination IP addresses, and local and remote ports. Firewall uses packet rules to control network traffic using specified connection parameters, while Application Rules only control traffic according to individual rules for programs or services.

Different application or process types require different ports. For example, for internet browsers, port 443 is the default port used for HTTPS (secure HTTP), and port 80 is the most commonly used port for HTTP (unsecured), therefore the port numbers entry for application rules is 443,80. For information about the correct network port to specify for an application, contact the application vendor or refer to the application's documentation or support pages.